Skip to main content

Vaultwarden CVE-2026-47160

| EUVDEUVD-2026-44696 MEDIUM
Server-Side Request Forgery (SSRF) (CWE-918)
2026-07-15 GitHub_M
5.8
CVSS 3.1 · Vendor: GitHub_M
Share

Severity by source

Vendor (GitHub_M) PRIMARY
5.8 MEDIUM
AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N
vuln.today AI
5.8 MEDIUM

Network-exploitable without authentication against default configuration; scope changes as server proxies requests to internal systems; confidentiality impact is low due to blind SSRF only.

3.1 AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N
4.0 AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:L/SI:N/SA:N

Primary rating from Vendor (GitHub_M).

CVSS VectorVendor: GitHub_M

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Changed
Confidentiality
Low
Integrity
None
Availability
None

Lifecycle Timeline

3
Patch available
Jul 15, 2026 - 17:48 EUVD
Source Code Evidence Fetched
Jul 15, 2026 - 15:51 vuln.today
Analysis Generated
Jul 15, 2026 - 15:51 vuln.today

DescriptionCVE.org

Vaultwarden is a Bitwarden-compatible server written in Rust. Prior to 1.36.0, Vaultwarden's /icons/{domain}/icon.png endpoint used src/http_client.rs checks including should_block_address() and post_resolve() that missed decimal, hexadecimal, and octal IP representations, allowing SSRF through the icon-fetching HTTP client for blind internal network or port discovery. This issue is fixed in version 1.36.0.

AnalysisAI

{domain}/icon.png endpoint, bypassing the server's address blocklist. The icon-fetching HTTP client in src/http_client.rs applied should_block_address() and post_resolve() checks only against standard dotted-decimal notation, leaving alternative encodings - such as 0x7f000001 or 2130706433 for 127.0.0.1 - fully unblocked. …

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access
Send crafted GET /icons/<encoded-IP>/icon.png to public Vaultwarden
Delivery
Encoded IP bypasses string-based blocklist check
Exploit
Vaultwarden HTTP client issues outbound request to internal host
Execution
Attacker infers host/port reachability from timing or error response
Impact
Map internal network topology

Vulnerability AssessmentAI

Exploitation Exploitation requires Vaultwarden to be running a version prior to 1.36.0 with the icon-fetching feature active - this is the default configuration (ICON_SERVICE=internal); no non-default setup is needed. … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment The vendor-assigned CVSS 3.1 vector (AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N, score 5.8) appropriately reflects network-reachable, unauthenticated exploitation with a changed scope - the Vaultwarden process probes internal hosts on behalf of the attacker, crossing the security boundary into internal networks. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario An unauthenticated attacker sends a series of GET requests to a public Vaultwarden instance such as GET /icons/0x7f000001/icon.png, GET /icons/2130706433/icon.png, and GET /icons/0300.168.1.1/icon.png, supplying encoded representations of internal IP addresses. The SSRF blocklist, which checked only standard dotted-decimal notation, permits the requests, and the Vaultwarden HTTP client makes outbound connections to those internal hosts; by observing response timing, connection errors, or HTTP status codes, the attacker maps which internal hosts and ports are reachable from the Vaultwarden server without any credentials.
Remediation Upgrade Vaultwarden to version 1.36.0, which is the vendor-confirmed fix (GitHub release tag at https://github.com/dani-garcia/vaultwarden/releases/tag/1.36.0, security advisory at https://github.com/dani-garcia/vaultwarden/security/advisories/GHSA-72vh-x5jq-m82g). … Detailed patch versions, workarounds, and compensating controls in full report.

Threat intelligence, references, and detailed analysis are available after sign-in.

CVE-2026-27801 MEDIUM POC
5.9 Mar 04

Two-factor authentication bypass in Vaultwarden 1.34.3 and earlier allows authenticated attackers to circumvent 2FA prot

CVE-2026-27803 HIGH
8.3 Mar 04

Vaultwarden versions prior to 1.35.4 fail to properly enforce collection management permissions, allowing authenticated

CVE-2026-27802 HIGH
8.3 Mar 04

Vaultwarden versions before 1.35.4 contain a privilege escalation vulnerability that allows authenticated Manager-level

CVE-2026-47158 HIGH
8.3 Jul 15

Session hijacking via a broken SSO/OAuth authorization flow affects Vaultwarden (the Rust-based Bitwarden-compatible ser

CVE-2026-47164 HIGH
7.7 Jul 15

Authentication bypass (account takeover) in Vaultwarden before 1.36.0 allows an attacker who controls a federated identi

CVE-2024-56335 HIGH
7.5 Dec 20

vaultwarden is an unofficial Bitwarden compatible server written in Rust, formerly known as bitwarden_rs. Rated high sev

CVE-2026-47159 MEDIUM
6.9 Jul 15

Vaultwarden's SSO discovery endpoint exposed real organization SSO metadata - including organizationIdentifier values -

CVE-2026-43911 MEDIUM
6.8 May 11

Vaultwarden is a Bitwarden-compatible server written in Rust. Prior to 1.35.5, refresh tokens are not invalidated when t

CVE-2026-26012 MEDIUM
6.5 Feb 11

Vaultwarden versions prior to 1.35.3 allow authenticated organization members to bypass collection-level access controls

CVE-2026-27898 MEDIUM
5.4 Mar 04

Vaultwarden versions up to 1.35.4 is affected by authorization bypass through user-controlled key (CVSS 5.4).

CVE-2026-33420 MEDIUM
5.3 May 05

Vaultwarden versions 1.35.4 and earlier expose organization collection metadata to Manager-role users lacking full acces

CVE-2026-31835 MEDIUM
5.3 May 05

Vaultwarden versions 1.35.4 and earlier allow authenticated attackers to permanently disable WebAuthn two-factor authent

Share

CVE-2026-47160 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy